British Standards Institution

Source:: CENELEC
Committee:: GEL/65 - Measurement and control
Categories:: Information management | Standardization. General rules
Comment period start date:: 19/02/2025
Comment period end date:: 14/03/2025

Comment by:

14th Mar

Scope

This document specifies the evaluation methodology to support achieving repeatable and reproducible evaluation results for IACS components under evaluation against IEC 62443-4-2 requirements. This document does not specify the definition of a complete certification scheme or certification program. This document does not specify the process evaluations of the secure development lifecycle according to IEC 62443-4-1. The existing secure development lifecycle according to IEC 62443-4-1 is a prerequisite in this evaluation methodology. This document does not specify particular tools, e.g. for the use in vulnerability or penetration testing. This document does not focus on lACS components which were not developed according to the lifecycle process of IEC 62443-4-1.

Purpose

The document specifies the evaluation methodology to support interested parties, for example during conformity assessment activities to achieve repeatable and reproducible evaluation results against EN IEC 62443-4-2 requirements.

Comment on proposal

Required form fields are indicated by an asterisk (*) character.

How important do you think standardization is in this area? *

Do you agree that a standard on this subject is feasible?: *

Please give reasons for your selections above: *

Would you or your organization use the standard? *

Would you or your organization be prepared to participate in the development of the standard or to comment on the draft when it is available? *

Are you aware of any regulation, existing standards and other good practice information in this area in the UK (e.g. Industry codes of practice; company specifications, international or European Standards)? *

Would the development of a standard(s) in this area have a particular impact/relevance to SME, consumer, environmental or societal interests? *

Are you aware of any other organizations to which this proposal may be relevant? If so please provide details below. *

Additional comments on the scope or proposal:

Although BSI will not usually enter into correspondence regarding individual comments or suggestions we may wish to contact you to seek further clarification. Please indicate whether this will be acceptable: *

Discard

Please email further comments to: debbie.stead@bsigroup.com

Standard timeline

1. Proposal

Proposal start date:

19/02/2025

Proposal end date:

14/03/2025

2. Draft

3. Public Comments

4. Comment Resolution

5. Approval

6. Publication

Learn more about the standards development process

Standards Development

CLC/TC 65X NWIP CLC IEC/prTS 62443-6-2 Security for industrial automation and control systems – Part 6-2: Security evaluation methodology for IEC 62443-4-2

Scope

Purpose

Comment on proposal

Discard changes?

Submit comment

Submit comment

Follow standard

Unfollow standard

Error